Allow a user to delete a PUA when it has been detected by Sophos. Right now this has to be done from the Sophos Admin portal, even when users are notified by Sophos (And us via Email) that a program has been detected.

Malwarebytes service and SOPHOS endpoint control on my pc worked together for almost a year. On or after the second Tuesday of the month, they no longer work concurrently. I either have to A) stop malwarebytes service and reboot, or B) turn-off SOPHOS Real Time internet scanning for four (4) hours, for them to work together on my PC.

If Malwarebytes service and SOPHOS work together for the last three weeks, then all my browsers freeze.

I am a Super Admin for the Iowa Attorney General's Office. Please restore the simultaneous functioning of Malwarebytes service and SOPHOS real time internet scanning.

Thank you.

Malwarebytes service and SOPHOS endpoint control on my pc worked together for almost a year. On or after the second Tuesday of the month, they no longer work concurrently. I either have to A) stop malwarebytes service and reboot, or B) turn-off SOPHOS Real Time internet scanning for four (4) hours, for them to work together on my PC.

If Malwarebytes service and SOPHOS work together for the last three weeks, then all my browsers freeze.

I am a Super Admin for the Iowa Attorney General's Office. Please restore the simultaneous functioning of Malwarebytes service and SOPHOS real time internet…

I would like the ability to be able to setup honey pots files that will automatically lockout the user or computer if the file is accessed or altered. It seems that AV is a natural place to build in this feature. For example I would like to have a file named "Client SS numbers.xlsx" that if accessed would notify me, to and block the node from acceing the server any more. I would also use as a second check agaist Crypto viruses. I would make one of the first and last files on the server a honeypot that if hit would lockout that node.

I would like the ability to be able to setup honey pots files that will automatically lockout the user or computer if the file is accessed or altered. It seems that AV is a natural place to build in this feature. For example I would like to have a file named "Client SS numbers.xlsx" that if accessed would notify me, to and block the node from acceing the server any more. I would also use as a second check agaist Crypto viruses. I would make one of the first and last files on the server a honeypot that if hit…

Problem: we have experienced input lag (typing in various fields) within one of our in-house applications. In troubleshooting, we have determined that Intercept X and Hitman Pro were scanning the software for long periods of time throughout the work day and causing this input lag. After disabling both, the problem is alleviated. My suggestion is to perhaps offer the ability to exclude software from scans at the agent level so that all machines that might be affected within any given software program are not scanned by Sophos and therefore no longer affected.

My response team uses Microsoft's PSTools. Sophos classifies them as PUA / Adware. I can go into my AV/HIPS policy and exempt file names, but that lets malicious actors hide from Sophos by using the same name. I can go into Authorization and exempt those that have already been detected, but I can't pre-emptively whitelist a tool that hasn't triggered an alert yet. I would prefer to be able to whitelist any EXE code that carries a legit Microsoft signature.

A Platinum customer would like the ability to have Sophos Anti-virus cleanup infected file(s) that are inside an archive where there are multiple files inside the archive where all files are not malicious.

Basically, they would like SAV to cleanup the malicious file which resides inside the archive but leave the archive intact with all the other legitimate files.

Have an option configurable in Enterprise Manager which prevents program execution from temporary folders, particularly those used to interact with Web or Mail. Thus a file exe, js, vbs or whatever file could be prevented from running from the user IE temporary or download folders and from folders involved in Outlook or other mail clients. There could be a whitelist or other options to deal with problems.

Hi Team,
I am working in the resller company. Every customers are concerning about this automatic USB scanning feature (If we insert the pendrive, then it should scan automatically all the files (or) the wizard should ask for the scan.
So this would be good, if we had this feature.

Currently Sophos has no option to perform a quick scan on the affected endpoint. A quick scan can quickly scan the mostly affected areas of an operating system (for eg. memory, registry, currently running processes, startup entries etc.) in and under 10-15 minutes.

This Quick Scan could largely benefit users who want to occasionaly run a scan but don't as the only option they are left with is a full system scan.

icon-data-protectionicon-endpoint-protectionicon-phish-threaticon-sophos-centralicon-sophos-centralicon-sophos-centralicon-sophos-centralicon-sophos-centralicon-sophos-centralicon-sophos-centralicon-sophos-mobileicon-sophos-utmicon-sophos-utmicon-sophos-utmicon-web-applianceicon-xg-firewallicon-xg-firewallicon-avid-secureicon-lightbulbCreated with Sketch.

Your password has been reset

We have made changes to increase our security and have reset your password.

We've just sent you an email to .
Click the link to create a password, then come back here and sign in.